apache dso and Mod_ssl
I know i ask a connex question but ... is there a way to get a compiled-Mod_ssl that works on DSO compiled apache (without EAPI) ??? because i still don't find websphere module sources and i need to have Websphere and SSL on a unique instance (because : i do authenticate client by certificat with Websphere, it gets the HTTPS's info from SSL cert and use it to provide Access right and such ... ) ... it was working well with iplanet and i hope to make it work the same way with apache ... THX __ D O T E A S Y - Join the web hosting revolution! http://www.doteasy.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Mod_SSL for Windows 2000/NT/XP
-- Original Message -- I guess this is what you're looking for: http://www.modssl.org/contrib/Apache_1.3.26-Mod_SSL_2.8.10-OpenSSL_0.9.6d-Win32.zip I'm somewhat confused. I downloaded and uncompressed the above archive, uncompressed and was delighted to find that mod_ssl was present in the modules directory. But I couldn't find any openssl.exe and, from what I gather, I need this www.openssl.org/download/win32 ?? :) executable/toolkit to generate a key pair and CSR? I'm a bit new to web server security and have just had responsibility thrust upon me, so I thank you all for your patience :) Kind regards, Brendan Lloyd __ D O T E A S Y - Join the web hosting revolution! http://www.doteasy.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Apache Websphere application server
thanx a lot for all
but (yes there is a but :( )
i use Websphere to authenticate client from there certificat
... (websphere does evrything here ... )
and so i need to share information on the server between
mod_app_server and mod_ssl ...
(it works on Iplanet ... i need the same fonctionnality)
but i don't knew how i could use mod_proxy
so ... thanxs a lot anyway :)
-- Original Message --
From: Marco A. Zamora Cunningham [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Tue, 16 Jul 2002 17:32:47 -0500
You'll have to either get IBM to provide you with an EAPI-compiled
WebSphere DSO or set up two copies of Apache, one SSL and
one non-SSL.
yes i've think about this (when i was testing)
but the point is : I need to provide Https pages with Websphere
and i need to use Apache as front server
You can always put up the SSL-aware Apache in front of the non-SSL Websphere
one:
Config inside the frontmost SSL Apache:
ProxyPass / http://127.0.01:websphere_server_port/
ProxyPassReverse / http://127.0.01:websphere_server_port/
And set up the backend Websphere one to listen only on the loopback
interface:
Listen 127.0.0.1:websphere_server_port
(Obviously, substitute websphere_server_port with whatever port you'd like
it to listen on.)
Additionally, if you really need to see the IP of the connecting client on
the backend server (for example, so your access logs show the real IP), you
can do a little trick with mod_perl (provided, of course, you've got
mod_perl on both servers):
On the front SSL server (single line in case it wraps)[1]:
PerlHeaderParserHandler sub
{my($r)=shift;$r-headers_in-add('X-Forwarded-For'=$r-connection-remote_
ip())}
On the back Websphere server (also on a single line)[2]:
PerlHeaderParserHandler sub
{my($r)=shift;$r-connection-remote_ip((split(/,\s*/,$r-headers_in-merge(
'X-Forwarded-For')))[-1])}
In case there isn't mod_perl on the backend server, there might be some
other way to act on the standard proxying X-Forwarded-For header (maybe
websphere can do it by itself?).
Hope it helps... Marco Zamora
[1] Note for mod_perl-heads: Yes, it really is $r-headers_in. Remember
that on proxy connections, the INcoming headers are the ones forwarded on to
the target server.
[2] The fancy (split[...]merge)[-1] stuff is just a way of parsing out the
*last* IP in the possible chain of X-Forwarded-For headers. We can't just
use the header_in method because it returns the first one.
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
D O T E A S Y - Join the web hosting revolution!
http://www.doteasy.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
RE: Failure to load mod_ssl under NT/apache 2.0
-- Original Message -- From: Alex Moon [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Wed, 17 Jul 2002 11:37:20 +0100 I've been trying to get apache 2.0.39 +modssl to work under winNT. But i am failing at what seems like the first hurdle i.e. i cannot seem to get the apache mod_ssl.so module to load. It comes up with the following: with apache 1.3.2* under windows (not cygwin) you had to load .DDL and not .SO maybe it a way to search Cannot load C:/apache2/modules/mod_ssl.so into server: The operating system cannot run %1 Any ideas greatfully received as I cannot see what I have done wrong, Alex Technical Manager Online Learning Support Unit Middlesex University Business School [EMAIL PROTECTED] 020 8411 5092 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ D O T E A S Y - Join the web hosting revolution! http://www.doteasy.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failure to load mod_ssl under NT/apache 2.0
-- Original Message -- From: hunter [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Wed, 17 Jul 2002 09:22:37 -0400 arcean wrote: -- Original Message -- From: Alex Moon [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Wed, 17 Jul 2002 11:37:20 +0100 I've been trying to get apache 2.0.39 +modssl to work under winNT. But i am failing at what seems like the first hurdle i.e. i cannot seem to get the apache mod_ssl.so module to load. It comes up with the following: with apache 1.3.2* under windows (not cygwin) you had to load .DDL and not .SO maybe it a way to search [over load sniped ... ] I said : with apache 1.3.2* under windows (not cygwin) you had to load .DDL ^^^^^ not cygwin, native win32 if you prefer (with DLL) 1.3.2* like 1.3.20 or 1.3.26 ... not 1.0.39 (not sure it existes) i know my english is bad but with cygwin i never try I have not done this for several weeks and maybe the distribution has changed, but... mod_ssl.so was not built with Apache 1.0.39 ...you have to build it. 1. place openssl into ?:\httpd-2.0.39\srclib ... there are instructions somewhere to follow... 2. follow the instructions in openssl and build it ... you need masm7, perl, vc6, etc. 3. build apache ... it finds openssl and builds mod_ssl.so ... you need awk, bison, sed and flex (new cygwin) ... I had to get newer version of cygwin before it worked, but then the newer perl was a problem. ... older perl must be in path before cygwin After it all comes to gether you can use nmake -f makefile.win installr Then I had trouble making certs... Try these hints ... I will make more detailed instructions later if needed but I think the newer packages (must) probably work better than what I used ... but I have not checked. I will have to download new source and try again to know what the situation is and I am sorry but I have to run off to work. Later, ok? Chris. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ D O T E A S Y - Join the web hosting revolution! http://www.doteasy.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Apache Websphere application server
hello *, I trying to make apache, SSL and Websphere works together ... and i have the famous probleme loaded DSO /apps/[..]/mod_app_server.so uses plain Apache api ... this module migth crash ... re compile it with -DEAPI my probleme is : i don't have the source code of the websphere plugin ... do you know a way to use mod_ssl without compiling apache or compiling apache to perfectly support the old way DSO module ?? thanx by advance -- arno __ D O T E A S Y - Join the web hosting revolution! http://www.doteasy.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
